Biometric Authentication Method and Computer System

1. A biometric authentication method for a computer system, the computer system comprising: a computer for capturing biometric information from a user and generating authentication information used for authenticating the user; and an authentication server for executing authentication processing by using the authentication information generated by the computer, the computer comprising a first processor, a first memory coupled to the first processor, a first storage medium coupled to the first processor, and a first communication module for performing communications with the authentication server, the first processor executing a program stored in the first memory to implement a feature extraction module, a polynomial generation module, an inverse polynomial calculation module, and a first polynomial residue calculation module, the first storage medium storing at least one modulo polynomial used for dividing a predetermined polynomial, the authentication server comprising, a second processor a second memory coupled to the second processor, a second storage medium coupled to the second processor, and a second communication module for performing communications with the computer, the second processor executing a program stored in the second memory to implement a control module, a second polynomial residue calculation module, and a matching determination module, the biometric authentication method including: a first step of capturing, by the feature extraction module, the biometric information from the user at a time of enrollment of the biometric information on the user, extracting a first feature, which is formed of a plurality of feature elements and indicate a characteristic of the biometric information, from the captured biometric information, and storing the extracted first feature into the first memory; a second step of reading, by the feature extraction module, the extracted first feature from the first memory, generating a first feature polynomial having each of the plurality of feature elements of the extracted first feature as coefficients thereof, and storing the generated first feature polynomial into the first memory; a third step of generating, by the polynomial generation module, a parameter polynomial used for concealing the first feature polynomial, and storing the generated parameter polynomial into the first memory; a fourth step of generating, by the inverse polynomial calculation module, an inverse parameter polynomial becoming a calculated residue polynomial of 1, the residue polynomial being calculated by dividing a product of the inverse parameter polynomial and the parameter polynomial by one of the at least one modulo polynomial, and storing the generated inverse parameter polynomial into the first memory; a fifth step of reading, by the first polynomial residue calculation module, the first feature polynomial and the inverse parameter polynomial from the first memory, generating a template polynomial for enrollment by calculating a residue polynomial by dividing a product of the first feature polynomial and the inverse parameter polynomial by one of the at least one modulo polynomial, and storing the generated template polynomial for enrollment into the first memory; a sixth step of reading, by the first communication module, the generated template polynomial for enrollment from the first memory, and transmitting the generated template polynomial for enrollment to the authentication server; a seventh step of enrolling, by the control module, the template polynomial for enrollment received from the computer in the second storage medium; an eighth step of capturing, by the feature extraction module, the biometric information from the user at a time of authentication of the biometric information on the user, extracting a second feature, which is formed of a plurality of feature elements and indicate a characteristic of the biometric information, from the captured biometric information, and storing the extracted second feature into the first memory; a ninth step of reading, by the feature extraction module, the extracted second feature from the first memory, generating a second feature polynomial having each of the plurality of feature elements of the extracted second feature as coefficients thereof, and storing the generated second feature polynomial into the first memory; a tenth step of generating, by the polynomial generation module, a parameter polynomial used for concealing the second feature polynomial, and storing the generated parameter polynomial into the first memory; an eleventh step of reading, by the first polynomial residue calculation module, the second feature polynomial and the parameter polynomial from the first memory, generating a template polynomial for authentication by calculating the residue polynomial by dividing a product of the second feature polynomial and the parameter polynomial by one of the at least one modulo polynomial, and storing the generated template polynomial for authentication into the first memory; a twelfth step of reading, by the first communication module, the generated template polynomial for authentication from the first memory, and transmitting the generated template polynomial for authentication to the authentication server; a thirteenth step of reading, by the control module, the enrolled template polynomial from the second storage medium, and calculating, by the second polynomial residue calculation module, a residue polynomial for correlation function generation by dividing a product of the enrolled template polynomial and the template polynomial for authentication by one of the at least one modulo polynomial, and storing the calculated residue polynomial for correlation function generation into the second memory; a fourteenth step of reading, by the second polynomial residue calculation module, the residue polynomial for correlation function generation from the second memory, generating a correlation function for calculating a correlation between the template polynomial for authentication and the enrolled template polynomial by using the read residue polynomial for correlation function generation, and storing the generated correlation function into the second memory; and a fifteenth step of calculating, by the matching determination module, a correlation value between the template polynomial for authentication and the enrolled template polynomial by using the generated correlation function, and determining based on the calculated correlation value whether or not the biometric information captured from the user at the time of authentication coincides with the biometric information enrolled in the authentication server.

2. The biometric authentication method according to claim 1 , wherein: the first memory further stores a noise polynomial generation module and a polynomial addition module; and the biometric authentication method further includes the steps of: generating, by the noise polynomial generation module, a first noise polynomial whose an absolute value of each coefficient is equal to or smaller than a predetermined value, and storing the generated first noise polynomial into the first memory, after the second step; and reading, by the polynomial addition module, the first feature polynomial and the generated first noise polynomial from the first memory, generating a first noise-added feature polynomial by using the first feature polynomial and the generated first noise polynomial, and storing the generated first noise-added feature polynomial into the first memory.

4. The biometric authentication method according to claim 3 , wherein the absolute value of each coefficient within the first noise polynomial is smaller than the predetermined integer value p.

6. The biometric authentication method according to claim 5 , wherein the absolute value of each coefficient within the first noise polynomial is smaller than the predetermined integer value p.

7. The biometric authentication method according to claim 2 , wherein the coefficient within the at least one modulo polynomial, the first feature polynomial, the second feature polynomial, the parameter polynomial, the inverse parameter polynomial, the residue polynomial for correlation function generation, the correlation function, the enrolled template polynomial, the template polynomial for authentication, the first noise polynomial, and the first noise-added feature polynomial is a number on a finite field Zq defined from a set Z of integers and an arbitrary prime number q.

8. The biometric authentication method according to claim 7 , wherein: the at least one modulo polynomial, the first feature polynomial, the second feature polynomial, the parameter polynomial, the inverse parameter polynomial, the residue polynomial for correlation function generation, the correlation function, the enrolled template polynomial, the template polynomial for authentication, the first noise polynomial, and the first noise-added feature polynomial are each a polynomial on a polynomial ring in which the coefficient is a number on the finite field Zq; and an ideal generated by the at least one modulo polynomial which is an element on the polynomial ring is a prime ideal.

9. The biometric authentication method according to claim 1 , wherein: the first memory further stores a noise polynomial generation module and a polynomial addition module; and the biometric authentication method further includes the steps of: generating, by the noise polynomial generation module, a second noise polynomial whose an absolute value of each coefficient is equal to or smaller than a predetermined value, and storing the generated second noise polynomial into the first memory, after the ninth step; and reading, by the polynomial addition module, the second feature polynomial and the generated second noise polynomial from the first memory, generating a second noise-added feature polynomial by using the second feature polynomial and the generated second noise polynomial, and storing the generated second noise-added feature polynomial into the first memory.

11. The biometric authentication method according to claim 10 , wherein the absolute value of each coefficient within the second noise polynomial is smaller than the predetermined integer value p.

13. The biometric authentication method according to claim 12 , wherein the absolute value of each coefficient within the second noise polynomial is smaller than the predetermined integer value p.

14. The biometric authentication method according to claim 9 , wherein the coefficient within the at least one modulo polynomial, the first feature polynomial, the second feature polynomial, the parameter polynomial, the inverse parameter polynomial, the residue polynomial for correlation function generation, the correlation function, the enrolled template polynomial, the template polynomial for authentication, the second noise polynomial, and the second noise-added feature polynomial is a number on a finite field Zq defined from a set Z of integers and an arbitrary prime number q.

15. The biometric authentication method according to claim 14 , wherein: the at least one modulo polynomial, the first feature polynomial, the second feature polynomial, the parameter polynomial, the inverse parameter polynomial, the residue polynomial for correlation function generation, the correlation function, the enrolled template polynomial, the template polynomial for authentication, the second noise polynomial, and the second noise-added feature polynomial are each a polynomial on a polynomial ring in which the coefficient is a number on the finite field Zq; and an ideal generated by the at least one modulo polynomial which is an element on the polynomial ring is a prime ideal.

16. The biometric authentication method according to claim 1 , wherein all of the at least one modulo polynomial are monic polynomials and have no terms other than a leading term and a constant term.

17. The biometric authentication method according to claim 1 , further including performing update processing executed periodically, the update processing include the steps of: generating, by the polynomial generation module, a new parameter polynomial, and storing the newly generated parameter polynomial into the first memory; generating, by the first polynomial residue calculation module, a polynomial for update by calculating a residue polynomial by dividing a product of the newly generated parameter polynomial and the inverse parameter polynomial by one of the at least one modulo polynomial, and storing the generated polynomial for update into the first memory; reading, by the first communication module, the generated polynomial for update from the first memory, and transmitting the generated differential polynomial to the authentication server; updating, by the polynomial generation module, the parameter polynomial stored in the first memory into the newly generated parameter polynomial; generating, by the second polynomial residue calculation module, a new enrolled template polynomial by calculating a residue polynomial by dividing a product of the polynomial for update and the enrolled template polynomial by one of the at least one modulo polynomial, and storing the newly generated enrolled template polynomial into the second memory; and updating, by the control module, the enrolled template polynomial stored in the second storage medium into the newly generated enrolled template polynomial.

18. A computer system, comprising: a computer for capturing biometric information from a user and generating authentication information used for authenticating the user; and an authentication server for executing authentication processing by using the authentication information generated by the computer, wherein: the computer comprises a first processor, a first memory coupled to the first processor, a first storage medium coupled to the first processor, and a first communication module for performing communications with the authentication server; the first processor executes a program stored in the first memory to implement a feature extraction module, a polynomial generation module, an inverse polynomial calculation module, and a first polynomial residue calculation module; the first storage medium stores at least one modulo polynomial used for dividing a predetermined polynomial; the authentication server comprises: a second processor, a second memory coupled to the second processor, a second storage medium coupled to the second processor, and a second communication module for performing communications with the computer; the second processor executes a program stored in the second memory to implement a control module, a second polynomial residue calculation module, and a matching determination module; the feature extraction module captures the biometric information from the user at a time of enrollment of the biometric information on the user, extracts a first feature, which is formed of a plurality of feature elements and indicate a characteristic of the biometric information, from the captured biometric information, and stores the extracted first feature into the first memory; the feature extraction module reads the extracted first feature from the first memory, generates a first feature polynomial having each of the plurality of feature elements of the extracted first feature as coefficients thereof, and stores the generated first feature polynomial into the first memory; the polynomial generation module generates a parameter polynomial used for concealing the first feature polynomial, and stores the generated parameter polynomial into the first memory; the inverse polynomial calculation module generates an inverse parameter polynomial becoming a calculated residue polynomial of 1, the residue polynomial being calculated by dividing a product of the inverse parameter polynomial and the parameter polynomial by one of the at least one modulo polynomial, and stores the generated inverse parameter polynomial into the first memory; the first polynomial residue calculation module reads the first feature polynomial and the inverse parameter polynomial from the first memory, generates a template polynomial for enrollment by calculating a residue polynomial by dividing a product of the first feature polynomial and the inverse parameter polynomial by one of the at least one modulo polynomial, and stores the generated template polynomial for enrollment into the first memory; the first communication module reads the generated template polynomial for enrollment from the first memory, and transmits the generated template polynomial for enrollment to the authentication server; the control module enrolls the template polynomial for enrollment received from the computer in the second storage medium; the feature extraction module captures the biometric information from the user at a time of authentication of the biometric information on the user, extracts a second feature, which is formed of a plurality of feature elements and indicate a characteristic of the biometric information, from the captured biometric information, and stores the extracted second feature into the first memory; the feature extraction module reads the extracted second feature from the first memory, generates a second feature polynomial having each of the plurality of feature elements of the extracted second feature as coefficients thereof, and stores the generated second feature polynomial into the first memory; the polynomial generation module generates a parameter polynomial used for concealing the second feature polynomial, and stores the generated parameter polynomial into the first memory; the first polynomial residue calculation module reads the second feature polynomial and the parameter polynomial from the first memory, generates a template polynomial for authentication by calculating the residue polynomial by dividing a product of the second feature polynomial and the parameter polynomial by one of the at least one modulo polynomial, and stores the generated template polynomial for authentication into the first memory; the first communication module reads the generated template polynomial for authentication from the first memory, and transmits the generated template polynomial for authentication to the authentication server; the control module reads the enrolled template polynomial from the second storage medium, and the second polynomial residue calculation module calculates a residue polynomial for correlation function generation by dividing a product of the enrolled template polynomial and the template polynomial for authentication by one of the at least one modulo polynomial, and stores the calculated residue polynomial for correlation function generation into the second memory; the second polynomial residue calculation module reads the residue polynomial for correlation function generation from the second memory, generates a correlation function for calculating a correlation between the template polynomial for authentication and the enrolled template polynomial by using the read residue polynomial for correlation function generation, and stores the generated correlation function into the second memory; and the matching determination module calculates a correlation value between the template polynomial for authentication and the enrolled template polynomial based on the generated correlation function, and determines based on the calculated correlation value whether or not the biometric information captured from the user at the time of authentication coincides with the biometric information enrolled in the authentication server.